Question No: 111 – (Topic 1)

You are planning the deployment of Windows 7 to computers that are located in a main office, in branch offices, and in a store kiosk.

Computers in all three types of location use the same hardware. Kiosk computers are members of a workgroup. Kiosk computers must use specific settings for local security. Branch office computers must use BitLocker Drive Encryption.

You have the following requirements: Create deployment images. Minimize image maintenance.

You need to define an image-creation strategy that meets the requirements. What should you do?

Create a single image to use for the branch office computers and the kiosk computers. Create a separate image to use for the main office computers.

Create a single image to use for all location types. Create a custom Windows security template for each location type.

Create one image to use for each location type. Encrypt the hard disks on the branch office computers prior to capturing the image.

Create a single image to use for the main office computers and the branch office computers, and apply the required settings through Group Policy. Create a separate image to use for the kiosk computers.

Answer: D Explanation: hints:

Kiosk is belong to workgroup, it does not support by group policy. so it must use seperate image for its own local security.

Question No: 112 – (Topic 1)

All client computers in your network run Windows 7 with default firewall settings.

You have a server-based application that requires an agent to be installed on all client computers.

You need to use Group Policy to allow the application to initiate installation of the agent on all client computers.

What should you do?

Create inbound program rules.

Create inbound port rules.

Create Windows service hardening rules.

Create connection security rules.

Answer: B

Explanation:

hints:

software havent install, so unable to block program

Question No: 113 DRAG DROP – (Topic 1)

Your company has 1,000 client computers that run Windows 7. The company uses several custom line-of-business applications that are not compatible with Windows 7.

You need to distribute a Microsoft Enterprise Desktop Visualization (MED-V) virtual machine (VM) image that includes the custom applications to all Windows 7 client computers.

Which three actions should you perform in sequence? (To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.)

Answer:

Question No: 114 HOTSPOT – (Topic 1)

You use Group Policy to configure Windows 7 Enterprise client computers.

You need to modify a Group Policy object (GPO) to specify a custom location for the temp folder.

Which setting should you select? To answer, select the appropriate setting or settings in the work area.

Answer:

Question No: 115 DRAG DROP – (Topic 1)

You create a shim database and distribute it to each of a companys client computers through a script. You name the database Shim_Database and give it a filename of shimdatabase.sdb. The database GUID is 18315260-2ecb-43af-945a-56810da33fb4.

The database must be registered on all client computers. The registration process must be invisible to the user.

You need to construct a command to register the shim database.

Which command should you use? To answer, drag the appropriate component from the list of command components to the correct location or locations in the work area.

Answer:

Question No: 116 – (Topic 1)

Your network has a single domain with 1,000 client computers that run Windows 7. You use Microsoft System Center Configuration Manager 2007 to distribute and install software applications. All users have standard user accounts.

You plan to use Group Policy to ensure that application installation functions properly. You need to design the User Account Control (UAC) policy.

What should you do?

Configure the User Account Control: Behavior of the elevation prompt for standard users setting to be Prompt for credentials.

Configure the User Account Control: Only elevate executables that are signed and

validated setting to be Enabled.

Configure the User Account Control: Detect application installations and prompt for elevation setting to be Disabled.

Configure the User Account Control: Detect application installations and prompt for elevation setting to be Enabled.

The User Account Control: Detect application installations and prompt for elevation policy setting controls the behavior of application installation detection for the computer.

The options are:

Enabled. (Default for home) When an application installation package is detected that requires elevation of privilege, the user is prompted to enter an administrative user name and password. If the user enters valid credentials, the operation continues with the applicable privilege.

Disabled. (Default for enterprise) Application installation packages are not detected and prompted for elevation. Enterprises that are running standard user desktops and use delegated installation technologies such as Group Policy Software Installation or Systems Management Server (SMS) should disable this policy setting. In this case, installer detection is unnecessary.